Does REST Template internally validates the certificate's expiry?

DS
DS Newcomer
in World-Check One

Trying to find out the code in REST Template which actually does the certification validation over the certificate received in response to client request. I know that certificate.checkValidity() is the method where all certificate related validations takes place. But I am not able to find anything concrete which tells which all validations it performs. Could some please share and confirm these validations either in the form of some official documentation or REST Template official documentation?


String worldcheckURL= “thomsonreuters API URL” ;
URL url = new URL(worldcheckURL);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
X509Certificate[] certs = (X509Certificate[]) connection.getServerCertificates();
X509Certificate certificate = certs[0];
certificate.getVersion());
certificate.getNotAfter())
certificate.checkValidity();
Tagged:

Best Answer

  • Mehran Khan
    Mehran Khan LSEG
    Answer ✓

    @DS


    I would like to know is there a specific reason to check the validity again after the TLS handshake?

    If the certs are expired you won't be able to consume the API in the first place s was just wondering why the approach of validating again post successful handshake?


    If your intention is to know till when the certs are valid for? rest assured we will be updating our certs before they expire.

Answers

Categories